<?php
// In PHP versions earlier than 4.1.0, $HTTP_POST_FILES should be used instead
// of $_FILES.
$basedir = dirname(__FILE__);
$refdir = "upload/";
$uploaddir = $basedir . "/" . $refdir;

$fname = basename($_FILES['file0']['name']);
//echo $fname;
$ext = pathinfo($fname);
//var_dump($ext);
$ext = $ext['extension'];
$newname =  rand(10000,90000) .'.'. $ext;

$uploadfile = $uploaddir . $newname; 
//echo $uploadfile;
$refurl = "edit.php?image=" . $newname;

//echo $uploadfile;

//echo '<pre>';
if (move_uploaded_file($_FILES['file0']['tmp_name'], $uploadfile)) {
  //// echo "File is valid, and was successfully uploaded.\n";
  Header("Location:" .$refurl );
} else {
  //echo "Possible file upload attack!\n";
}


?> 
